7 matches found

RedhatCVE
added 2026/05/11 8:25 p.m., 6 views

CVE-2026-42224

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

CVSS 7.6, AI score 5.3, EPSS 0.00259
Exploits: 0, References: 1

NVD
added 2026/05/08 11:16 p.m., 9 views

CVE-2026-42224

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

CVSS 7.6, EPSS 0.00259
Exploits: 0, References: 4

Vulnrichment
added 2026/05/08 10:2 p.m., 4 views

CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

CVSS 7.6, AI score 5.4, EPSS 0.00259
Exploits: 0, References: 4

CVE
added 2026/05/08 10:2 p.m., 12 views

CVE-2026-42224

The CVE-2026-42224 entry concerns ipl/web (Icinga Web components). Prior to version 0.13.1, it is vulnerable to reflected XSS via malformed search requests, enabling an attacker to inject JavaScript that runs in a victim’s browser when visiting a crafted site. The issue is patched in 0.13.1. A re...

CVSS 7.6, AI score 5.3, EPSS 0.00259
Exploits: 0, References: 4

OSV
added 2024/08/05 9:15 p.m., 0 views

UBUNTU-CVE-2024-41811

ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. CSRF. All affected products, in any version, will be unaffected by this once icinga-php-library is upgraded. Version...

CVSS 3.9, AI score 5.1, EPSS 0.00172
Exploits: 0, References: 5

Vulnrichment
added 2024/08/05 8:17 p.m., 16 views

CVE-2024-41811 ipl/web susceptible to Cross-Site Request Forgery (CSRF)

ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. CSRF. All affected products, in any version, will be unaffected by this once icinga-php-library is upgraded. Version...

CVSS 3.9, AI score 6.8, EPSS 0.00172
Exploits: 0, References: 2

Github Security Blog
added 2024/08/05 2:39 p.m., 14 views

ipl/web's `ipl\Web\Common\CsrfCounterMeasure` is susceptible to CSRF

Impact Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. CSRF Affected products: Icinga Web =2.12.0 Icinga DB Web =1.0.0 Icinga Notifications Web =0.1.0 Icinga Web JIRA Integration =1.3.0 All affected products, in any version, wil...

CVSS 3.9, AI score 6.7, EPSS 0.00172
Exploits: 0, References: 4, Affected Software: 1